Security News > 2020 > December > Spearphishing Attack Spoofs Microsoft.com to Target 200M Office 365 Users
A spearphishing attack is spoofing Microsoft.com to target 200 million Microsoft Office 365 users in a number of key vertical markets, including financial services, healthcare, manufacturing and utility providers.
The attack is particularly deceiving because it deploys an exact domain spoofing technique, "Which occurs when an email is sent from a fraudulent domain that is an exact match to the spoofed brand's domain," Ovadia wrote.
The attack is comprised of a realistic-looking email that attempts to persuade users to take advantage of a relatively new Office 365 capability that allows for them to reclaim emails that have been accidentally marked as spam or phishing messages, according to the report.
To mitigate attacks, Ironscales advised organizations to configure their email defense and protection systems for DMARC, which should detect and reject emails coming from the latest Office 365 campaign, according to the report.
"Advanced mailbox-level email security that continuously studies every employee's inbox to detect anomalies based on both email data and metadata extracted from previously trusted communications can help stop email spoofs that slip through the cracks," Ovadia added.
News URL
https://threatpost.com/spearphishing-attack-spoofs-microsoft-office-365/162001/
Related news
- Microsoft discloses Office zero-day, still working on a patch (source)
- Microsoft discloses unpatched Office flaw that exposes NTLM hashes (source)
- Microsoft Warns of Unpatched Office Vulnerability Leading to Data Exposure (source)
- Microsoft fixes 6 zero-days under active attack (source)
- Google raps Iran's APT42 for raining down spear-phishing attacks (source)
- Microsoft Office 2024 to disable ActiveX controls by default (source)
- Microsoft Is Disabling Default ActiveX Controls in Office 2024 to Improve Security (source)
- Microsoft says it broke some Windows 10 patching – as it fixes flaws under attack (source)
- Microsoft rolls out Office LTSC 2024 for Windows and Mac (source)
- Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks (source)